LabCorp finds 'suspicious activity' on its IT network

Capitalizing on spying tools believed to have been developed by the U.S. National Security Agency, hackers staged a cyber assault with a self-spreading malware that has infected tens of thousands of computers in nearly 100 countries.
(Reuters)

Laboratory testing giant LabCorp detected “suspicious activity” on its IT network over the weekend, the company announced Monday.

“LabCorp immediately took certain systems offline as part of its comprehensive response to contain the activity,” the firm said in a 8-K filed with the Securities and Exchange Comission. “This temporarily affected test processing and customer access to test results over the weekend.”

The Burlington, N.C.-based company said that its testing operations “substantially resumed” on Monday. “We anticipate that additional systems and functions will be restored throughout the next several days,” it added. “Some customers of LabCorp Diagnostics may experience brief delays in receiving results as we complete that process.”

The suspicious activity was only found on LabCorp Diagnostic systems and the company says there’s no indication that it affected systems used by its drug development business Covance.

“At this time, there is no evidence of unauthorized transfer or misuse of data. LabCorp has notified the relevant authorities of the suspicious activity and will cooperate in any investigation,” it said, in its statement.

The healthcare sector has emerged as an attractive target for cybercriminals. Quest Diagnostics and health insurance giant Anthem, for example, have both suffered high-profile data breaches.

In 2016, a Los Angeles hospital paid a ransom of nearly $17,000 in bitcoin to hackers who infiltrated and disabled its computer network. In the same year, a hacker claimed to be selling 655,000 alleged patient healthcare records on the dark web, containing information such as social security numbers, addresses, and insurance details.

LabCorp, which describes itself as the “world’s leading healthcare diagnostics company,” typically processes test on more than 2.5 million patient specimens a week.

Healthcare security company Cynerio recently reported that the personal information of babies is now available on the dark web.